$80K — $100K *
The Security Engineer is responsible for providing operational security solutions that enable the success of IT and business initiatives. The Security Engineer interfaces with IT groups across the company, client managers, business customers, third parties, vendors, and auditors. The Security Engineer co-designs (along with the Security Architect) and operationalizes security solutions that can be effectively delegated to Security Analysts or other support/operations functions. The scope of the Security Engineer's work extends across technical and administrative controls that enable the protection and availability of business and IT systems. This is a Splunk position within a quickly growing Splunk team.
Provide technical engineering services to support and update existing security systems and work to automate processes related to security implementations, monitoring, and enforcement
Investigate, recommend, evaluate, deploy and integrate security tools and techniques to improve our ability to protect corporate assets and infrastructure
Participate in technical risk assessments and security exposure analyses of systems, networks and business applications
Evaluate and implement security devices such as firewalls, IDS, IPS, threat correlation tools, vulnerability management tools, encryption capabilities, etc.
Analyze network elements and designs to ensure secure and optimal system and network performance and cost effectiveness
Oversee the purchase, installation, and support of security devices
Responsible for assessing and managing information security risks to existing systems
Assist in the planning of large-scale systems projects through vendor comparison and cost studies
Monitor, report and resolve all security-related problems and discrepancies
Participate as a member of the Information Security Incident Response Team
Interact with internal and external clients on security requirements, identify security processes and develop strategies/solutions to security issues while maintaining tight security discipline
Develop test plans and implement rigorous testing prior to rollout of new systems into the production environment
Participate in Cyber Security Incident investigations
Work on problems of moderate scope where analysis of situations or data requires a review of a variety of factors.
Exercise judgment within defined procedures and practices to determine appropriate action.
Follow department processes and procedures and may make recommendations to these processes.
Supervision Received or Extended
Achieve set objectives
Negotiate, persuade, and gain consensus from implementation team on assigned objective
Errors may cause system outages or significant project delays
Work under general supervision of more experienced team members
Actively contribute to the results of a team and work towards achieving team goals and objectives.
Use expertise of more senior level team members and leverage additional resources to confirm solution or explore customized applications as a solution.
Knowledge and Skills/Technology Used
The Security Engineer will work with the Splunk admin and the security engineering team, who would be required to interact with application owners for application monitoring and with the SOC team for security monitoring
Strong experience with Splunk Programming Language (SPL), alerting methods and dashboard creation
Experience with Splunk Enterprise Security is required and experience with cloud environments is highly preferred
Requirements assist with data inputs and aid with the creation of Splunk search queries, dashboards, data models, and correlation searches
Experience in implementing Information Security technologies and/or processes required
Experience in product evaluation and managing vendor relationships required
Experience in defining Information Security strategy and integrating security technologies into corporate frameworks
Must have hands-on working knowledge of UNIX/AIX, Microsoft NT/2000, firewall multi-layer design and implementation, router access list/packet filtering (CISCO), WANs, LANs, the Internet, intranets, network protocols and network services (e.g., telnet, ftp, etc.), intrusion detection systems, Virtual Private Network (VPN), two-factor authentication
Bachelor's Degree in Computer Science, Information Technology, Telecommunications, or Electrical Engineering, or equivalent work experience
Typical Range of Experience
Minimum 3 years of information security experience
2+ years of hands-on experience with networking, intrusion detection, VPN, PKI, next-generation firewalls, NAC, identity management and encryption technologies
License or Certification
CISSP, GIAC, CCNA, CCNP preferred
First American invests in its employees’ development and well-being, empowers them to provide superior customer service and encourages them to serve the communities where they live and work. First American is committed to diversity and inclusion. We are an equal opportunity employer.
Valid through: 11/9/2020